Comparative Performance and Resilience Test Results - UTM Appliances Miercom tests comparing SG Series appliances against the competition
Overview Firewalls not only provide your first line of defense against external intruders but also connect you to the outside world. Enabling security on your firewall should not come at the cost of performance. While all network vendors provide datasheet performance numbers showing the maximum achievable throughput, third-party testing can offer proof points for real-life scenarios. Network experts Miercom have run extensive tests on a number of appliances to verify performance. Competitive solutions tested The tests compared products suitable for a typical 5 1 user organization from four vendors: SG 21 and SG 23 DELL SonicWALL NSA 26 FortiGate 1D WatchGuard XTM 525 Note: for all appliances sizing is an average guideline and customers should always contact their vendor or a qualified reseller to identify the right appliance models for their individual infrastructure requirements. Test conditions All appliances were tested at Miercom s test labs using state of the art test equipment from Ixia and Spirent. Where possible, mixed network traffic simulating real-world conditions were used to measure throughputs. This means that the results in this report may differ from vendors stated throughputs which typically indicate best-case scenarios. Results The tests measure firewall performance in the most common day-to-day scenarios. SG appliances came top in all throughput tests: firewall enabled, firewall + Application Control enabled, firewall + Intrusion Prevention System enabled, and connections per second. We are proud to award the SG 23 and the SG 21 Unified Threat Management appliances with the Miercom Performance Verified Certification. Miercom 1
1. Firewall throughput The firewall is the most fundamental function of your UTM. Any slowdown here impacts all traffic passing through the device. Therefore firewall throughput should ideally allow line rate for your connections. This test was conducted with three 1Gbps ports giving a theoretical maximum of 3Gbps/3,Mbps. Only the appliances were able to operate at wire speed. Unidirectional Firewall Throughput (Mbps) 3, 3, 3, The SG 23 and SG 21 were clearly, in order, the top two appliances in the field. Miercom 225 15 1,322 1,884 1,886 75 Layer 3 FG1D NSA26 Maximum Firewall Throughput (Max) As the first firewall throughput test did not stretch the SG appliances to their limits they were re-tested to ascertain their maximum throughput. To do this Miercom used more ports and sent traffic in both directions at the same time. Both appliances reached maximum throughput of over 1Gbps. Bidirectional Firewall Throughput (Mbps) 11, 1,441 1,332 8,25 5,5 2,75 Layer 3 2
2. Application Control Throughput Application Control allows you to effectively monitor and manage different types of traffic going through your gateway such as VPN, YouTube or Facebook without having to block traffic completely. This test looks at Layer 7 (Application layer) throughput. To analyse traffic at this layer requires the assembly of multiple packets of traffic in order to determine the application used. As such, application control inevitably comes at a certain cost in overheads and performance. The two appliances lead the field in terms of application control throughput. The SG 21 was 6% faster than the nearest competitive product. Application Control Throughput (Mbps) 1,3 975 1,9 1,215 65 679 325 486 491 Layer 7 FG1D NSA26 3. IPS Throughput Intrusion Prevention Systems monitor the network for suspicious traffic and can block exploits of known vulnerabilities. Similar to application control, this is a resource intensive process where packets are assembled and inspected. The SG appliances delivered the fastest performance of the products tested. Firewall + IPS Throughput (Mbps) 7 658 525 35 54 42 475 175 132 Layer 7 FG1D NSA26 3
4. Connections per second This test verifies the maximum number of new TCP connections a security appliance can establish per second. Establishing TCP connections is resource-consuming and usually draws resources from the security-detection engine of the appliance. The maximum number of new connections established per second gives an indication of the appliances ability to maintain security without impacting performance. The SG appliances again lead the field in this test. Connections per second 5, 37,5 45,5 25, 29,66 12,5 15,1 8,8 3,2 FG1D NSA26 Conclusion In independent testing based on real-life scenarios the SG appliances delivered the fastest performance, even when enabling additional security and control features, beating comparative solutions from, Dell SonicWALL and WatchGuard. Next steps For more information, including demo videos and a free trial, visit www.sophos.com/utm. Contact your partner today to discuss how you can enhance your network protection with UTM. The SG 23 and SG 21 proved best in competitive performance tests compared to other leading UTM product solutions. Miercom 4
About Miercom Miercom has published hundreds of product comparison analysis articles over the years in leading networking periodicals, including Network World, CommunicationsWeek/InternetWeek, Business Communications Review, No Jitter, UBM TechWeb, Communications News, xchange and Internet Telephony. The pioneer of the business of independent, hands-on testing of products and services for the enterprise network and telecommunications service providers, Miercom has remained the global leader in independent, hands-on testing for more than 26 years. Comprehensive test programs are offered by Miercom that lead to the following certifications: Performance Verified,Certified Secure, Certified Green, Certified Interoperable and Certified Reliable, which can be earned in standalone or competitive testing. These certifications are recognized by networking vendors and end-user organizations as an accurate, unbiased validation of the ability of the product or service to perform in a real-world network. For more information about Miercom testing and consulting services as well as certifications, please visit www.miercom.com. UTM Get a free trial at sophos.com/try-utm More than 1 million users in 15 countries rely on as the best protection against complex threats and data loss. is committed to providing complete security solutions that are simple to deploy, manage, and use that deliver the industry s lowest total cost of ownership. offers award winning encryption, endpoint security, web, email, mobile, server and network security backed by Labs a global network of threat intelligence centers. Read more at www.sophos.com/products. United Kingdom and Worldwide Sales Tel: +44 ()8447 671131 Email: sales@sophos.com North American Sales Toll Free: 1-866-866-282 Email: nasales@sophos.com Australia and New Zealand Sales Tel: +61 2 949 91 Email: sales@sophos.com.au Asia Sales Tel: +65 62244168 Email: salesasia@sophos.com Oxford, UK Boston, USA Copyright 214. Ltd. All rights reserved. Registered in England and Wales No. 29652, The Pentagon, Abingdon Science Park, Abingdon, OX14 3YP, UK is the registered trademark of Ltd. All other product and company names mentioned are trademarks or registered trademarks of their respective owners. 1133-3.14DD.na.simple Miercom ref. DR14314B